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DETAILED ACTION 



1. 



Claims 1-20 have been examined. 



Information Disclosure Statement 



2. The information disclosure statements (IDSes) submitted on 09/10/2002, 09/03/2002, and 
05/22/2002 was filed before the mailing date of the first Office action. The submission is in 
compliance with the provisions of 37 CFR 1 .97(b)(3). Accordingly, the information disclosure 
statements are being considered by the examiner. 



3. The use of trademarks for operating systems and platforms on page 4, lines 8-9 and page 
14, lines 7-8 and 14-15 has been noted in this application. It should be capitalized wherever it 
appears and be accompanied by the generic terminology. 

Although the use of trademarks is permissible in patent applications, the proprietary 
nature of the marks should be respected and every effort made to prevent their use in any manner 
which might adversely affect their validity as trademarks. 



Specification 



Claim Rejections - 35 USC § 112 



4. 



The following is a quotation of the second paragraph of 35 U.S.C. 112: 



The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 
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5. Claims 2-8 are rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

Claim 2 recites the limitation "the native security settings" in line 1 . There is insufficient 
antecedent basis for this limitation in the claim. This rejection can be overcome by deleting the 
second "the" in line 1 . 

6. Claims 4-8 are rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

Claim 4 recites the limitation "the native security settings" in line 1 . There is insufficient 
antecedent basis for this limitation in the claim. This rejection can be overcome by deleting the 
second "the" in line 1 . 

7. Claims 9-12 are rejected under 35 U.S.C. 112, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

Claims 9-12 are rejected under 35 U.S.C. 1 12, second paragraph, as being incomplete for 
omitting essential elements, such omission amounting to a gap between the elements. See MPEP 
§ 2172.01. The omitted elements are: hardware limitations sufficient to support a claim drawn to 
a system. 

8. Claim 12 is rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 
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Claim 12 contains the trademark/trade name Windows NT. Where a trademark or trade 
name is used in a claim as a limitation to identify or describe a particular material or product, the 
claim does not comply with the requirements of 35 U.S.C. 1 12, second paragraph. See Ex parte 
Simpson, 218 USPQ 1020 (Bd. App. 1982). The claim scope is uncertain since the trademark or 
trade name cannot be used properly to identify any particular material or product. A trademark 
or trade name is used to identify a source of goods, and not the goods themselves. Thus, a 
trademark or trade name does not identify or describe the goods associated with the trademark or 
trade name. In the present case, the trademark/trade name is used to identify/describe a directory 
type and, accordingly, the identification/description is indefinite. 

9. Claims 14-20 are rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

Claim 14 recites the limitation "the native security settings" in line 1. There is 
insufficient antecedent basis for this limitation in the claim. This rejection can be overcome by 
deleting the second "the" in line 1 . 

10. Claims 16-20 are rejected under 35 U.S.C. 1 12, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

Claim 16 recites the limitation "the native security settings" in line 1. There is 
insufficient antecedent basis for this limitation in the claim. This rejection can be overcome by 
deleting the second "the" in line 1 . 
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Claim Rejections - 35 USC § 101 

11. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

12. Claims 1-8 and 13-20 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

Claims that recite method steps merely manipulating abstract ideas are nonstatutory. See 
MPEP § 2106 IV. B. 1 and/« re Schrader, 1 1 F.3d 290, 292-93, 30 USPQ2d 1455, 1457-58 
(Fed. Cir. 1994). The claims recite process steps that neither result in a physical transformation 
outside the computer in a practical application nor limited to a practical application in the 
technological arts. See MPEP § 2106 IV. B. 2(b) and Diamond v. Diehr, 450 U.S. at 183-84, 
209 USPQ at 6. This rejection can be overcome by reciting step(s) that result in a portal entity, 
such as a user, obtaining access to a metadata object, such as by viewing and exposure (see 
specification, page 17, lines 10-21; figure 7, steps 710 and 714). 

13. Claims 9-12 are rejected under 35 U.S.C. 101 because the claimed invention is directed 
to non-statutory subject matter. 

Claims 9-12, drawn to a system, recite limitations that are merely computer programs per 
se, i.e., the descriptions or expressions of the programs, are not physical "things." MPEP § 2106 
IV. B. 1(a). The limitations are not directed to interrelated hardware elements combining to form 
a machine. See MPEP § 2106 IV. B. 2(a) and In reAlappat, 33 F.3d 1526, 1544, 31 USPQ2d 
1545,1557. 

14. Claims 13-20 are rejected under 35 U.S.C. 101 because the claimed invention is directed 
to non-statutory subject matter. 
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Claims 13-20 are drawn to a computer program product. A "computer program product" 
is a computer listing not embodied on a computer-readable medium. "[C]omputer programs 
claimed as computer listings per se, i.e., the descriptions or expressions of the programs, are not 
physical 'things/ They are neither computer components nor statutory processes, as they are not 
'acts' being performed. Such claimed computer programs do not define any structural and 
functional interrelationships between the computer program and other claimed elements of a 
computer which permit the functionality of the computer to be realized." MPEP § 2106 IV. B. 
1(a). This rejection can be overcome by a claiming "computer-readable medium encoded with a 
computer program product." See id. 

15. To expedite a complete examination of the application, the claims rejected under 35 
U.S.C. 101 (nonstatutory) above are further rejected as set forth below in anticipation of 
applicant amending these claims to place them within the four statutory categories of invention. 



Claim Rejections - 35 USC § 102 
16. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 1 22(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 
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17. Claims 1-5 and 9-17 are rejected under 35 U.S.C. 102(e) as being anticipated by Polizzi 
et al., U.S. Patent No. 6,643,661 B2. 

As per claims 1 and 13, Polizzi et al. illustrate a method and a computer program product 
for administering portal security for an object, comprising: 

extracting a native security setting from a native environment of the object (see column 
10, lines 49-60; figure 3, item 300; obtaining the confidential nature for an object based on 
confidential information that only a few users should see); 

mapping the native security setting into a portal security setting associated with a portal 
(see column 10, lines 55-59; figure 3, items 305 and 300; determining permissions to the object 
and its category); and 

associating in the portal, the portal security setting with the object (see column 10, lines 
63-64; implementing the security measures for sensitive information; see column 10, lines 55-59; 
with the permissions assigned to the objects). 

As per claims 2 and 14, Polizzi et al. further shows: 

that the native security settings comprise an identity of an entity external to the portal 
(see column 4, lines 26-29; figure 1, items 100; a plurality of users external to the portal and 
connected to it by a computer network) having a predetermined security relationship with the 
object in its native environment (see column 10, lines 49-60; figure 3, item 300; obtaining the 
confidential nature for an object based on confidential information that only a few users should 
see); 
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mapping the external entity into a corresponding portal entity (see column 5, lines 43-47; 
figure 2, item 220; assigning permissions and group memberships to a particular user in 
association with the portal); and 

instantiating the predetermined security relationship between the metadata object and the 
corresponding portal entity (see column 11, lines 27-30; assigning permissions to users to read, 
write, and execute objects). 

As per claims 3 and 15, Polizzi et al. then specifies: 

that the predetermined security relationship is viewing access (see column 11, lines 27- 
30; assigning permissions to users to read objects). 

As per claims 4 and 16, Polizzi et al. moreover point out: 

that the native security settings comprise an identities of users and groups external to the 
portal (see column 4, lines 26-29; figure 1, items 100; a plurality of users external to the portal 
and connected to it by a computer network; see column 1 1 ; lines 30-3 1 ; where a group is a set of 
users) having a predetermined security relationship with the object in its native environment (see 
column 10, lines 49-60; figure 3, item 300; obtaining the confidential nature for an object based 
on confidential information that only a few users should see); 

mapping the external uses and external groups into a corresponding portal users and 
groups according to a mapping process (see column 5, lines 43-47; figure 2, item 220; assigning 
permissions and group memberships to a particular user in association with the portal; see 
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column 1 1, lines 31-33; where a particular group will be given similar permissions for a set of 
objects); and 

associating the corresponding portal users and portal groups with the object according to 
the predetermined security relationship (see column 1 1, lines 27-30; assigning permissions to 
users to read, write, and execute objects). 

As per claims 5 and 17, Polizzi et al. then suggests: 

that the mapping process is executed according to information maintained in a portal 
database (see column 11, lines 33-36; figure 3, items 120, 220, and 200-210; the authentication 
server maps in accordance with the portal databases). 

As per claim 9, Polizzi et al. disclose a corporate portal system, comprising: 
a crawler for accessing external domains (see column 12, lines 50-54; crawlers 

navigating the Internet accessing documents in external domains through URLs); 

a security extraction utility (see column 10, lines 49-60; figure 3, item 300; obtaining the 

confidential nature for an object based on confidential information that only a few users should 

see); 

a database comprising information for mapping the extracted native security information 
into a security system of the corporate (see column 10, lines 55-59; figure 2, items 200-210; 
figure 3, items 305 and 300; determining permissions to the object and its category); and 

associating in the portal, the portal security setting with the object corresponding to the 
mapped security information (see column 10, lines 63-64; implementing the security measures 
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for sensitive information; see column 10, lines 55-59; with the permissions assigned to the 
objects), 

wherein the security system of the corporate portal regulates the exposure of portal 
metadata objects corresponding to external objects (see column 1 1, lines 27-30; assigning 
permissions to users to read, write, and execute objects). 

As per claim 10, Polizzi et al. then point out: 

a synchronizing agent for accessing external user and external group information (see 
column 5, lines 43-47; figure 2, item 220; assigning permissions and group memberships to a 
particular user in association with the portal; see column 11, lines 31-33; where a particular 
group will be given similar permissions for a set of objects); and 

wherein a database comprises information corresponding to portal users and portal 
groups with the object according to the predetermined security relationship (see column 11, lines 
27-30; assigning permissions to users to read, write, and execute objects). 

As per claim 11, Polizzi et al. further show: 

an administrative user interface for populating the database using information that 
includes the external user information and the external group information (see column 1 1 , lines 
17-36; figure 2, items 220, 120, and 200-210; archiving user and group information for 
authentication in the database). 



As per claim 12, Polizzi et al then discusses: 
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that the synchronizing agent adapts user and group information from directory types of 
Windows NT (see column 4, lines 54-55), LDAP (see column 38-41) and ODBC (see column 4, 
lines 47-52). 

Telephone Inquiry Contacts 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Justin T. Darrow whose telephone number is (571) 272-3801, and 
whose electronic mail address is justin.darrow@uspto.gov. The examiner can normally be 
reached Monday-Friday from 8:30 AM to 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron, Jr., can be reached at (571) 272-3799. 

The fax number for Formal or Official faxes to Technology Center 2100 is (703) 872- 
9306. In order for a formal paper transmitted by fax to be entered into the application file, the 
paper and/or fax cover sheet must be signed by a representative for the applicant. Faxed formal 
papers for application file entry, such as amendments adding claims, extensions of time, and 
statutory disclaimers for which fees must be charged before entry, must be transmitted with an 
authorization to charge a deposit account to cover such fees. It is also recommended that the 
cover sheet for the fax of a formal paper have printed "OFFICIAL FAX". Formal papers 
transmitted by fax usually require three business days for entry into the application file and 
consideration by the examiner. Formal or Official faxes including amendments after final 
rejection (37 CFR 1.116) should be submitted to (703) 872-9306 for expedited entry into the 
application file. It is further recommended that the cover sheet for the fax containing an 
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amendment after final rejection have printed not only "OFFICIAL FAX" but also 
"AMENDMENT AFTER FINAL". 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 

Any inquiry of a general nature or relating to the status of this application should be 
directed to the Group receptionist whose telephone number is (571) 272-2100. 



June 27, 2005 




JUSTIN T. DARROW 
PRIMARY EXAMINER 
TECHNOLOGY CENTER 2100 



